rj 



IN THE CLAIMS 
This listing of claims replaces all prior listings: 

1. (currently amended) A person authentication application data processing system 
for performing a person authentication process based on a v e rification process b e tween by 
comparing a template extracted from a person identification certificate,, in which the template 
which is including person identification data of an individual user who uses an information 
processing apparatus* and user input sampling information, said person authentication 
application data processing system comprising: 

an information processing apparatus that performs person authentication as a person 
authentication ex e cution e ntity ; and 

a person identification certificate authority that issues p erson identification certificates 
as a person identification certificate issuing e ntity , 

wherein said information processing apparatus p e rforms a proc e ss of retrieving 
retrieves a person identification certificate used for a person authentication process based on 
user input information, and outputs a request for issuing a person identification certificate to 
the person identification certificate authority when a person identification certificate 
corresponding to the user input information cannot be extracted, 

said person identification certificate authority creates a person identification certificate 
in which including an encrypted template* which can be decrypted in said information 
processing apparatus* and performs an issuing process for issues the person identification 
certificate responsive to the request from the information processing apparatus, and 

said information processing apparatus performs a proce s s for storing stores the person 
identification certificate issued from said person identification certificate authority in the a 
storage device m e ans of the information processing apparatus. 

2. (currently amended) A person authentication application data processing system 
according to Claim 1, wherein, when said information proces sing apparatus stores a ffl4he 
process for storing the newly obtained person identification certificate in the storage device 
means, and when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating creates pair information of identifiers of 
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each person identification certificate and stores the pair information in the storage device 
m e ans . 

3. (currently amended) A person authentication application data processing system 
according to Claim 1, further comprising a certificate authority that issues public key 
certificates as a public k e y c e rtificate issuing entity , 

wherein, said information processing apparatus retrieves performs a proc e ss for 
retri e ving a public key certificate used during data communication with an external apparatus^ 
with stored data of the storage device m e ans of the information processing apparatus being 
used as the retrieval target on the basis of the user input information, creates a pair of a public 
key and a secret key when the applicable public key certificate cannot be extracted, transmits 
the created public key to the person identification certificate authority which is the issuing 
entity of the public key certificate A and makes a request for issuing a person identification 
certificate, 

said person identification certificate authority performs a proc e ss for issuing issues a 
public key certificate corresponding to an individual user or a public key certificate 
corresponding to said information processing apparatus, and 

said information processing apparatus p e rforms a proc e ss for storing stores the public 
key certificate issued from said certificate authority in the storage device m e ans of the 
information processing apparatus. 

4. (currently amended) A person authentication application data processing system 
according to Claim 3, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device m e ans , when said newly obtained person 
identification certificate is a person identification certificate corresponding to the same user 
for an existing public key certificate which has already been stored in said information 
processing apparatus, said information processing apparatus p e rforms a proc e ss for cr e ating 
creates pair information of identifiers of each certificate and stores the pair information in the 
storage device m e ans . 

5. (currently amended) A person authentication application data processing system 
according to Claim 3, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device m e ans , when said newly obtained person 
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identification certificate is a person identification certificate corresponding to the same user 
for an existing public key certificate which has already been stored in said information 
processing apparatus, said information processing apparatus p e rforms a proc e ss for cr e ating 
creates pair information of identifiers of each certificate, stores the pair information in the 
storage device m e ans , and registers tog e th e r a process identifier which identifies a process 
including such as services to be used. 

6. (currently amended) A person authentication application data processing system 
according to Claim 1 , further comprising a service distribution device construction in which 
various services such as content distribution can be received from a service provider under the 
control of a service registration server on the condition of user registration for the service 
registration server, 

wherein said information processing apparatus performs a person authentication 
process based on a verification process between the template extracted from the person 
identification certificate and user input sampling information, in which the template being 
which is person identification data of an individual user who uses the information processing 
apparatus is stored and us e r input sampling information ^ and performs user registration for 
said service registration server on the condition that person authentication is established. 

7. (currently amended) A person authentication application data processing system 
according to Claim 1, further comprising a service distribution device construction in which 
various services such as content distribution can be received from a service provider under the 
control of a the service registration server on the condition of user registration for the service 
registration server, 

wherein said information processing apparatus performs mutual authentication with 
said service provider by using a public key certificate corresponding to an individual user or a 
public key certificate corresponding to said information processing apparatus in a process for 
receiving service distribution from said service provider, and 

said service provider provides services for said information processing apparatus on 
the condition that it is confirmed that the public key certificate used for said mutual 
authentication corresponds to an authorized user or device registered in said service 
registration server and said mutual authentication is established. 
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8. (original) A person authentication application data processing system according to 
Claim 1, wherein data communication between said information processing apparatus as a 
person authentication execution entity and the person identification certificate authority as a 
person identification certificate issuing entity is performed on the condition that the mutual 
authentication process is established. 

9. (currently amended) A person authentication application data processing system 
according to Claim 1, wherein, for data communication between said information processing 
apparatus as a person authentication execution entity and the person identification certificate 
authority as a person identification certificate issuing entity, a data transmission device 
creates part p e rforms a proc e ss for cr e ating an electronic signature for transmission data, and 
a receiving device verifies part p e rforms a proc e ss for v e rifying the electronic signature. 

10. (original) A person authentication application data processing system according 
to Claim 1, wherein an encryption key used to encrypt the template stored in the person 
identification certificate issued from said person identification certificate authority is a public 
key which is set for said information processing apparatus or an individual user. 

1 1 . (currently amended) A person authentication application data processing system 
according to Claim 1 , wherein said template includes at least one of biometric information 
and non-biometric information and a password, the is biometric information of a p e rson such 
as selected from the group consisting of fingerprint information, retina pattern information, 
iris pattern information, voice print information, and handwriting information, er-a the non- 
biometric information selected from the group consisting of such as a seal, a passport, a 
drivers license, and a card , or any combination of two or mor e of th e biometric information 
and the non - biom e tric information, or a combination of any of th e information and a 
password . 

12. (currently amended) A person authentication application data processing method 
for performing a person authentication process bas e d on a verification process b e tw ee n by 
comparing a template extracted from a person identification certificate^ in which a the 
template including which is person identification data of an individual user who uses an 



6 



information processing apparatus and user input sampling information, said person 
authentication application data processing method comprising: 

a step for providing an information processing apparatus as a person authentication 
execution entity and a person identification certificate authority as a person identification 
certificate issuing entity; 

a step in which said information processing apparatus p e rforms a process of r e tri e ving 
retrieves a person identification certificate used for a person authentication proc e ss based on 
user input information, and outputs a request for issuing a person identification certificate to 
the person identification certificate authority which is a person identification certificate 
issuing entity when a person identification certificate corresponding to the user input 
information cannot be extracted; 

a step in which said person identification certificate authority creates a person 
identification certificate in which including an encoded template a which can be decrypted in 
said information processing apparatus A is stor e d and p e rforms an issuing proc e ss for issues the 
person identification certificate responsive to the request from the information processing 
apparatus; and 

a step in which said information processing apparatus p e rforms a process for storing 
stores the person identification certificate issued from said person identification certificate 
authority in the a storage device m e ans of the information processing apparatus. 

13. (currently amended) A person authentication application data processing method 
according to Claim 12, wherein, when said information processing apparatus stores a in th e 
process for storing th e newly obtained person identification certificate in the storage device 
m e ans , and when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus p e rforms a proc e ss for cr e ating creates pair information of identifiers of 
each person identification certificate and stores the pair information in the storage device 
means . 

14. (currently amended) A person authentication application data processing method 
according to Claim 12, further comprising: 

a step for providing a certificate authority as a public key certificate issuing entity; 
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a step in which said information processing apparatus retrieves p e rforms a proc e ss for 
r e tri e ving a public key certificate used during data communication with an external apparatus^ 
with stored data of the storage device m e ans of the information processing apparatus being 
used as the retrieval target on the basis of the user input information, creates a pair of a public 
key and a secret key when the applicable public key certificate cannot be extracted, transmits 
the created public key to the person identification certificate authority which is the issuing 
entity of the public key certificate,, and makes a request for issuing a person identification 
certificate; 

a step in which said person identification certificate authority issues p e rforms a 
proc e ss for issuing a public key certificate corresponding to an individual user or a public key 
certificate corresponding to said information processing apparatus; and 

a step in which said information processing apparatus stores p e rforms a proc e ss for 
storing the public key certificate issued from said certificate authority in the storage device 
means of the information processing apparatus. 

15. (currently amended) A person authentication application data processing method 
according to Claim 14, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device m e ans , when said newly obtained person 
identification certificate is a person identification certificate corresponding to the same user 
for an existing public key certificate which has already been stored in said information 
processing apparatus, said information processing apparatus p e rforms a proc e ss for cr e ating 
creates pair information of identifiers of each certificate and stores the pair information in the 
storage device m e ans . 

16. (currently amended) A person authentication application data processing method 
according to Claim 14, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device means, when said newly obtained person 
identification certificate is a person identification certificate corresponding to the same user 
for an existing public key certificate which has already been stored in said information 
processing apparatus, said information processing apparatus p e rforms a process for cr e ating 
creates pair information of identifiers of each certificate, stores the pair information in the 
storage device m e ans , and registers togeth e r a process identifier which identifies a process 
including such as services to be used. 
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17. (currently amended) A person authentication application data processing method 
according to Claim 12, further comprising: 

a step for providing a service distribution device construction in which various 
services such as content distribution can be received from a service provider under the control 
of a service registration server on the condition of user registration for the service registration 
server; and 

a step in which said information processing apparatus performs a person 
authentication process based on a verification process between a template extracted from the 
person identification certificate and user input sampling information, in which the template 
being which is person identification data of an individual user who uses the information 
processing apparatus is stor e d and th e us e r input sampling information , and performs user 
registration for said service registration server on the condition that person authentication is 
established. 

18. (currently amended) A person authentication application data processing method 
according to Claim 12, further comprising: 

a step for providing a service distribution device construction in which various 
services such as content distribution can be received from a service provider under the control 
of a service registration server on the condition of user registration for the service registration 
server; 

a step in which, in a process for receiving service distribution from said service 
provider, said information processing apparatus performs mutual authentication with said 
service provider by using a public key certificate corresponding to an individual user who 
uses the information processing apparatus or a public key certificate corresponding to said 
information processing apparatus; and 

a step in which said service provider provides services for said information processing 
apparatus on the condition that it is confirmed that the public key certificate used for said 
mutual authentication corresponds to an authorized user or device registered in said service 
registration server and said mutual authentication is established. 

19. (original) A person authentication application data processing method according 
to Claim 12, wherein data communication between said information processing apparatus as a 
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person authentication execution entity and the person identification certificate authority as a 
person identification certificate issuing entity is performed on the condition that the mutual 
authentication process is established. 

20. (currently amended) A person authentication application data processing method 
according to Claim 12, wherein, for data communication between said information processing 
apparatus as a person authentication execution entity and the person identification certificate 
authority as a person identification certificate issuing entity, a data transmission device 
creates part p e rforms a proc e ss for cr e ating an electronic signature for transmission data, and 
a receiving device verifies part p e rforms a proc e ss for verifying the electronic signature. 

21. (original) A person authentication application data processing method according 
to Claim 12, wherein an encryption key used to encrypt the template stored in the person 
identification certificate issued from said person identification certificate authority is a public 
key which is set for said information processing apparatus or an individual user. 

22. (currently amended) An information processing apparatus for performing a 
person authentication process based on a verification process between a template extracted 
from a person identification certificate in which the template is stored and user input 
sampling information, the template being which is person identification data of an individual 
user who uses the information processing apparatus* is stor e d and us e r input sampling 
information, 

wherein said information processing apparatus performs a process for retrieving a 
person identification certificate used for a person authentication process based on user input 
information with stored data of the information processing apparatus being used as the 
retrieval target, outputs a request for issuing a person identification certificate to a person 
identification certificate authority* which is a person identification certificate issuing entity* 
when a person identification certificate corresponding to the user input information cannot be 
extracted, and stores the person identification certificate issued from the person identification 
certificate authority in a the storage device m e ans of the information processing apparatus. 

23. (currently amended) An information processing apparatus according to Claim 22, 
wherein, in the process for storing the newly obtained personal identification certificate in the 
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storage means, when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate and for storing the pair information in the storage device m e ans . 

24. (currently amended) An information processing apparatus according to Claim 22, 
wherein said information processing apparatus p e rforms a process for retri e ving retrieves a 
public key certificate used for data communication with an external apparatus with stored 
data of the storage means device of the information processing apparatus being used as the 
retrieval target on the basis of user input information, creates a pair of a public key and a 
secret key when a corresponding public key certificate cannot be extracted, transmits the 
created public key to the certificate authority which is a public key certificate issuing entity, 
makes a request for issuing a public key certificate, and performs a process for storing the 
public key certificate issued from said certificate authority in the storage stores m e ans of the 
information processing apparatus. 

25. (currently amended) An information processing apparatus according to Claim 24, 
wherein, in the process for storing the newly obtained personal identification certificate in the 
storage device m e ans , when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate and stores the pair information in the storage device m e ans . 

26. (currently amended) An information processing apparatus according to Claim 24, 
wherein, in the process for storing the newly obtained personal identification certificate in the 
storage device m e ans , when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate, stores the pair information in the storage device m e ans , and registers together a 
process identifier which identifies a process such as services to be used. 
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27. (currently amended) A program providing medium for providing a computer 
program for causing a person application authentication data process for performing a person 
authentication process to be performed in a computer system based on a verification process 
between a template extracted from a person identification certificate in which the template is 
stored and user input sampling information, the template being which is person identification 
data of an individual user who uses an information processing apparatus and us e r input 
sampling information , said computer program comprising: 

a step for retrieving a person identification certificate used for a person authentication 
process based on the user input information; 

a step for outputting a request for issuing a person identification certificate to a person 
identification certificate authority^ which is a person identification certificate issuing entity^ 
when a person identification certificate corresponding to the user input information cannot be 
extracted; 

a step for creating pair information of identifiers of each certificate when said person 
identification certificate issued from said person identification certificate authority is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus; and 

a step for storing the pair information in a the storage device m e ans . 
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